[#APF-1063] UserCounterListener/Invalid user information displayed in Current Login User - AppFuse JIRA

AppFuse

UserCounterListener/Invalid user information displayed in Current Login User

Created: 07/May/08 02:32 PM Updated: 10/May/08 04:48 PM Resolved: 10/May/08 04:48 PM

Component/s:

Web - Struts

Affects Version/s:

2.0.2

Fix Version/s:

2.0.2

Environment:

S2 Basic

Description

« Hide

in UserCounterListener.java

  // Workaround for Jetty bug (http://www.nabble.com/current-user-count-incorrect-tf3550268.html#a9919134)
The workaround block has to be removed and use the following instead.

    public void attributeAdded(HttpSessionBindingEvent event) {
        if (event.getName().equals(EVENT_KEY) && !isAnonymous()) {
            SecurityContext securityContext = (SecurityContext) event.getValue();
            if (securityContext.getAuthentication().getPrincipal() instanceof User) {
                User user = (User) securityContext.getAuthentication().getPrincipal();
                addUsername(user);
            }
    }

The original workaround block as attached below will create a new "User" object
        // Workaround for Jetty bug (http://www.nabble.com/current-user-count-incorrect-tf3550268.html#a9919134)
        } else if (event.getName().equals(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY)) {
            String username = (String) event.getValue();
            User user = new User(username);
            addUsername(user);
        }

A second call will be made and the right user contains full user information won't be added. (User.hashCode is using the username's hashCode). Removing that block seems to be working correctly using jetty as well as tomcat.